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Ct AIM AMENDMENTS 
This listing of claims will replace all prior versions and listings of claims in the 
application. 
Listing of Claims 

1. (Cun^tiy Amended) A method of aulfaenticating aid-user clients requiring access to 
services available in a computer-based communication system, comprising tiie steps of. 

a) at an auflientication server connected in said communication system, defining a list of 
authentication modules available in said communication system, and mapping said 
audientication modules to authenticating domain identifiers associated to end-user clients of said 
authentication serve r, whea^in said authenticating domain identifiers each comprise an 
application service identifier: 

b) sending, by an end-user cli^t, a respective authentication domain identifier to said 
authentication serveq 

c) oeating, by the audientication server and depending on tiie authentication domain 
identifier, an authentication stack specific to said end-user client, said stack comprising one or 
more stack entries, each mapped to a respective authentication module; 

d) rendering, for each stack entry and depending thereon, an authentication service 
provided at said respective autiientication module to produce an audientication result for tiiat 
entry; and 
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e) consolidating authentication results to obtain an authoiticatioo status for the end-user 

client 

2-3. (Canceled) 

4. (Original) The method as defined in claim 1 wherein the auttentication service inchides 
local and remote services. 

5. (Original) The mefbod as defined in claim 4 wherem the local and remote services 
include but are not limited to biometric schemes, cryptographic hardware services, smart cards 
and l^B tokens. 

6. (Previously Presented) The method as defined in claim 1 further comprising, sendmg a 
unique session identifier to tbe end-user client re^onsive to an authentication status 
cone^nding to a successful authet^cation. 

7. (Currently Amended) A system for authenticating an end-user client in a computw-based 
communication system c(»npnsiiig: 

means, at the end-user client, fot sending an authenticating domain idraitifier to an 
authentication server, wherein said authp iiHcating domain identifier comprises an application 
seiTice identifier. 
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means, at the authentication server and depending on the authentication domain 
identifier, for creating an authentication stack comprising one or more stack entries; 

means for rendering, for each stack entry and depending thereon, an authentication 
service to produce an authentication result for that entrjq and 

means for consolidating authentication results to obtain an authentication status for the 
end-user client 

8. (Canceled) 

9. (Currently Amended) The system as defined in cloim 8 claim 7. w herein the 
autiientication server, dependent on the application ID. retrieves a configuration specifying how 
to create the authentication stack. 

10. (Original) The system as defined in claim 7 wherein the authentication service includes 
local and remote services. 

11. (Original) The system as defined in claim 7 wherein the local and remote services 
include biometric schemes, cryptographic hardware services, smart cards and USB tokens. 
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12. (Original) The system as defined in claim 7 wherein responsive to an authentication 

status corresponding to a successful authentication, a unique session ID is sort to the end-user 

client 
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